0cdbfc6df8a1d4f054146c2e5dc92644e0434d813a1991625d62d08a79cafe71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0159b3d5177a20f85eaed6220db12f1_JaffaCakes118
Size

685KB
Sample

240921-ss15tszcpq
MD5

f0159b3d5177a20f85eaed6220db12f1
SHA1

de8818347997580a017994f2e3c0f166483e1c4c
SHA256

0cdbfc6df8a1d4f054146c2e5dc92644e0434d813a1991625d62d08a79cafe71
SHA512

498d64c48e797c03e32e20ed9af370f190ce142046b48a8f05251d1407d38830cb026ea6c301ae9f7c43d29c8bdd57af47cf4c16176f9089c9c6b7b1a842de17
SSDEEP

3072:BwlYzdPvGIEA45DEE/GJnQEfLrl1MZHco9DjAoBc:BwChvGd9+EeJQyMJ99N

Score

7^/10

aspackv2 discovery persistence

Malware Config

Targets

- Target
  
  f0159b3d5177a20f85eaed6220db12f1_JaffaCakes118
- Size
  
  685KB
- MD5
  
  f0159b3d5177a20f85eaed6220db12f1
- SHA1
  
  de8818347997580a017994f2e3c0f166483e1c4c
- SHA256
  
  0cdbfc6df8a1d4f054146c2e5dc92644e0434d813a1991625d62d08a79cafe71
- SHA512
  
  498d64c48e797c03e32e20ed9af370f190ce142046b48a8f05251d1407d38830cb026ea6c301ae9f7c43d29c8bdd57af47cf4c16176f9089c9c6b7b1a842de17
- SSDEEP
  
  3072:BwlYzdPvGIEA45DEE/GJnQEfLrl1MZHco9DjAoBc:BwChvGd9+EeJQyMJ99N
Score

7^/10

aspackv2 discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoverypersistence

behavioral2

aspackv2discoverypersistence